/**
  * @param WebhookRequest $webhookRequest
  *
  * @throws InvalidSignatureException
  */
 public function authenticateSignature(WebhookRequest $webhookRequest)
 {
     $headers = $webhookRequest->getHeaders();
     if (!array_key_exists('authorization', $headers)) {
         throw new InvalidSignatureException('"Authorization" header not found in Xsolla webhook request');
     }
     $matches = array();
     preg_match('~^Signature ([0-9a-f]{40})$~', $headers['authorization'], $matches);
     if (array_key_exists(1, $matches)) {
         $clientSignature = $matches[1];
     } else {
         throw new InvalidSignatureException('Signature not found in "Authorization" header from Xsolla webhook request: ' . $headers['authorization']);
     }
     $serverSignature = sha1($webhookRequest->getBody() . $this->projectSecretKey);
     if ($clientSignature !== $serverSignature) {
         throw new InvalidSignatureException("Invalid Signature. Signature provided in \"Authorization\" header ({$clientSignature}) does not match with expected");
     }
 }
Пример #2
0
 /**
  * @param WebhookRequest $webhookRequest
  * @param bool           $authenticateClientIp
  *
  * @return Response
  */
 public function getSymfonyResponse(WebhookRequest $webhookRequest = null, $authenticateClientIp = true)
 {
     try {
         if (!$webhookRequest) {
             $webhookRequest = WebhookRequest::fromGlobals();
         }
         $this->webhookAuthenticator->authenticate($webhookRequest, $authenticateClientIp);
         $message = Message::fromArray($webhookRequest->toArray());
         call_user_func($this->webhookCallback, $message);
         $webhookResponse = new WebhookResponse();
         return $webhookResponse->getSymfonyResponse();
     } catch (\Exception $e) {
         return WebhookResponse::fromException($e)->getSymfonyResponse();
     }
 }